Jason Luse, Senior Planner

Jason Luse, Senior Planner

Understanding why fraud occurs and how to identify the likely offenders plays an important first step in preventing fraud in your practice.  Part 1 of this article helped point out the common traits of an embezzler and the fraud triangle itself.  Now in Part 2, the focus turns to specific steps that can be taken to implement sound internal controls for your practice.

Before concerning yourself with complex systems or employee responsibilities, step one is to create smart hiring practices from the outset.  In an article published in the September 2017 issue of Dental Economics, authors Baird, Dervenis and Patterson describe six important steps to follow when hiring in your practice that include everything from requiring the completion of employment applications to performing Internet searches.  Taking these initial steps will help prevent the wrong people from being invited into your business.  The process is designed to see beyond the basic presentation you will get from almost any employee candidate.  Since embezzlers must be liars, accepting interview answers as accurate on faith alone will not help avoid future fraud.  Read their full article to better prepare yourself for future hiring.

Another key element to a strong fraud prevention system is the segregation of duties among employees.  Segregation of duties is the process of assigning money-related tasks to different people in the organization.  If there aren’t enough employees to properly share these responsibilities initially, then you, as the dentist and owner, must absorb as many as possible.  The following are the most critical tasks to be segregated or assigned to different members of your staff:

  1. Paying the bills.  Having access to move money to vendors is the most direct path for embezzling, allowing an employee to not only pay bills, but also themselves.
  2. Making deposits.  Being in charge of depositing money at the bank can allow potential embezzlers to redirect patient payments to themselves.
  3. Adjusting patient accounts.  In order to be successful in redirecting patient payments, embezzlers must cover up the fraud by clearing the A/R balance through adjustments in the dental software.  If this isn’t done, patients would receive demands for payment from the practice for outstanding balances owed (which, of course, were already paid by the patient).  Patients would contact the office and uncover the fraud.
  4. Bookkeeping.  Controlling the financial records and reporting allows embezzlers to bury fraudulent transactions in the accounting records.  This task should be outsourced or handled directly by the owner.
  5. Receiving and opening the mail.  Since checks still arrive by mail, embezzlers can intercept payments and redirect them for personal use.  The employee responsible for mail should immediately stamp all checks received as “For Deposit Only (Bank Name) (Account Number).”
  6. Processing payroll.  Embezzlers can easily over pay themselves through bonuses, adjusting time clocks or running extra checks.  The owner should be responsible for processing payroll.

By segregating each of these responsibilities to the extent possible, you now require multiple employees to collude in order to successfully embezzle practice funds.  This is a much more difficult fraud to perpetrate and it becomes much easier to identify if it does.

In addition to good hiring practices and basic segregation of duties, there are several other suggestions to help build strong internal controls to prevent embezzlement:

  1. Require employees to take vacation and force them away from the office.  A disruption like this can uncover fraudulent behavior.
  2. Do not allow employees to work odd hours (especially alone) or to work from home where there is no oversight.
  3. Utilize a biometric fingerprint time clock system (approximately $250-400) to reduce the potential for employees to pad their hours.
  4. Do not give an employee a completely private office.
  5. Maintain a perception of oversight.  Place security cameras at the front desk to document financial transactions between patients and staff.  Even if not actually reviewed, the perception of oversight increases protection.
  6. Perform audits of the financial information reported by employees.  This can include quick daily comparisons of money received vs. money deposited (i.e. day sheet), and also more detailed monthly reconciliation of money collected as reported through the dental software vs. money actually deposited in the bank.  The monthly reconciliation is often the easiest method for discovering embezzlement.
  7. Review all dental supply invoices.  Since the use of iPads and other expensive electronics has become more mainstream in a practice, dental suppliers now carry them for sale.  Employees can order them for themselves.
  8. Always maintain a professional skepticism about the relationships you have with your employees.  As a business owner, it is important to have trust between you and your staff.  It is equally important, however, to not allow that to be blind trust.
  9. Limit online access to your business bank and credit card accounts.  Employees really shouldn’t need access to these.  If for some reason they do, set up a limited, read-only access.
  10. Place daily spending limits on employees who are provided company credit cards.  If possible, enable text alerts when these cards are used.
  11. Take 5 minutes per day to scan through all business bank and credit transactions.  Most institutions have a phone app that slows you to log in and quickly scroll through that day or the prior day’s transactions.
  12. Review your merchant services statement (credit card billing) at least monthly to verify the validity of all refunds processed.  Refunds issued to credit cards are vulnerable to embezzlement.  In some systems, an employee can input any credit card number to be “refunded” money, even if there was no prior transaction on that card.  This would include his/her own card!
  13. Run an adjustments report (or audit trail report) from your dental software at least monthly and review any negative adjustments closely.  If a patient’s balance was reduced or eliminated by adjustment, make sure this was approved or valid.  It could be that the patient paid but the funds were pocketed.
  14. Make sure you have an embezzlement rider as part of your business insurance coverage to help make you whole in the event of such fraud.

Fraudulent behavior cannot be 100% prevented.  Sophisticated embezzlers find new ways to cheat the system and avoid detection.  But recognizing the profile of a potential embezzler, engaging smart hiring tactics, segregating duties in the practice and implementing these overall suggestions can dramatically reduce your exposure.  Not all these recommendations will be applicable to every situation, so you may need to customize a strategy based on your understanding of these basic concepts to successfully implement internal controls in your practice.